Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 10 Mar 2012 02:16:06 +0300
From: ArkanoiD <ark@...ex.net>
To: oss-security@...ts.openwall.com
Subject: Re: Attack on badly configured Netfilter-based firewalls

Am I the only one here with strong deja vu feeling? :-)

On Sat, Mar 10, 2012 at 12:01:21AM +0100, Eric Leblond wrote:
> Hello,
> 
> On Mon, 2012-02-27 at 14:46 +0100, Eric Leblond wrote:
> > Hello,
> > 
> > On Mon, 2012-02-27 at 05:25 +0400, Solar Designer wrote:
> > > Eugene, all -
> > > 
> > > On Mon, Feb 27, 2012 at 09:19:59AM +0800, Eugene Teo wrote:
> ...
> 
> > e it to Eric much earlier),
> > > Eric would post to the list e.g. in January and ask for the issue to be
> > > kept private until March - thereby violating the list's maximum embargo
> > > period.
> 
> The slides and videos of my CansecWest talk are available:
> http://home.regit.org/2012/03/playing-with-network-layers-to-bypass-firewalls-filtering-policy/
> 
> I've done a complete description of the attack and also demonstrate the
> need to be careful with the use of helpers.
> 
> BR,
> -- 
> Eric Leblond 
> Blog: http://home.regit.org/
> 
> email protected and scanned by AdvascanTM - keeping email useful - www.advascan.com 
> 
> 


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.